3 responses

om_file to write in .evtx files

Hi,

I want to store my logs in a .evtx file in Windows. I tried the following configuration.

<Output out2>
    Module      om_file
    File        '%ROOT%\tmp\test.evtx'
</Output>

This created an evtx file, but it was also opening with Notepad, WordPad, etc. For security purposes, I want to make it open with the MS EventViewer API only.

Is this possible using nxlog om_file module? Is there any plugin for nxlog to store data in .evtx files?

Asked November 9, 2016 - 11:23am
2 responses

Installation Command Line Arguments

Hi,

I am new at this and would like to know the command line argument that will let me specify what config file to use. I need to have this done during installation and avoid changing the file post installation.

Any help would be greatly appreciated.

Thanks.

Asked November 7, 2016 - 11:05pm
2 responses

Module im_odbc - how to reset value in "?"

Hi!

I have a problem using module im_odbc. I use an SQL query to receive some data from SQL Server. For example, the query looks like "SELECT [Name] From [MyTable] WHERE [Id] > ?". At some moment, the "?" stored an incorrect value (I don't know how, but it's bigger than the MAX(Id) value in my table), and since that moment the query has not returned any data.

Asked October 27, 2016 - 12:19pm
1 response

Suppress attribute question

Hello,

This is just a quick question on the following lines of a config for Nxlog. Basically, is the code suppressing all security events with the exception of those event IDs within the brackets, or are the event IDs within the brackets being suppressed?

Asked October 21, 2016 - 10:57pm